kyxiaxiang / SafetasklistView external linksLinks
Help red teams find opsec processes during engagements
☆42Dec 7, 2024Updated last year
Alternatives and similar repositories for Safetasklist
Users that are interested in Safetasklist are comparing it to the libraries listed below
Sorting:
- Detect Beacon Powerful (Include CobatStrike 4.10 Aha~)☆21Oct 18, 2024Updated last year
- 在线安软识别☆12Aug 6, 2025Updated 6 months ago
- A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library☆24Nov 13, 2025Updated 3 months ago
- BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…☆78Jul 23, 2023Updated 2 years ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated 11 months ago
- A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.☆17Feb 3, 2025Updated last year
- more conveniently Visual-Studio-BOF-template☆75Sep 12, 2023Updated 2 years ago
- Linux Process Injection via Seccomp Notifier☆81Dec 9, 2025Updated 2 months ago
- ☆24Dec 18, 2022Updated 3 years ago
- ☆26Apr 24, 2025Updated 9 months ago
- Using LNK files and user input simulation to start processes under explorer.exe☆33Sep 21, 2024Updated last year
- Validates priv escalation of AD trusts☆48Apr 1, 2025Updated 10 months ago
- tsh多终端代理通信☆19Feb 26, 2025Updated 11 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆307Mar 31, 2025Updated 10 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆135Apr 18, 2025Updated 9 months ago
- ☆10Nov 2, 2023Updated 2 years ago
- ☆12Nov 25, 2024Updated last year
- A BOF to create a scheduled task using a COM object.☆16Dec 3, 2024Updated last year
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 7 months ago
- Evasive loader to bypass static detection☆59Jan 15, 2024Updated 2 years ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- A cmake template for crystal palace☆38Dec 20, 2025Updated last month
- Log all keyboard and terminal input/output for any app 记录任意程序的键盘输入和终端输入输出☆22Sep 19, 2025Updated 4 months ago
- CVE-2024-35250 的 Beacon Object File (BOF) 实现。☆24Nov 28, 2024Updated last year
- 复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》☆161Oct 27, 2024Updated last year
- Impersonate Tokens using only NTAPI functions☆83Apr 4, 2025Updated 10 months ago
- Shellcode capable of bypassing EAF / IAF mitigations☆28Apr 11, 2023Updated 2 years ago
- A tool written in golang which compress using UPX and patch it with the provided PE file to make "UPX -d" flag impossible to decompress a…☆28Jan 2, 2025Updated last year
- Arsenal of modules to beacon postex☆93Updated this week
- A tool to assist DLL hijacking via the Havoc GUI☆12Jan 9, 2024Updated 2 years ago
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆128Jan 28, 2026Updated 2 weeks ago
- A Crystal Palace shared library to resolve & perform syscalls☆56Oct 29, 2025Updated 3 months ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆62Feb 25, 2025Updated 11 months ago
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and r…☆381Apr 26, 2025Updated 9 months ago
- Shellcode Loader Utilizing ETW Events☆67Feb 26, 2025Updated 11 months ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆359Jan 29, 2026Updated 2 weeks ago
- 添加计划任务方法集合☆309Aug 6, 2023Updated 2 years ago
- Proxy function calls through the thread pool with ease☆31Feb 27, 2025Updated 11 months ago